CVE-2022-47516

An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a crafted UDP message that leads to a failure of the libsofia-sip-ua/tport/tport.c self assertion.

References

Affected packages

Git / github.com/davehorton/sofia-sip

Affected ranges

Type: GIT
Repo: https://github.com/davehorton/sofia-sip
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

13b2a135287caa2d67ac6cd5155626821e25b377

Database specific

vanir_signatures

[
    {
        "target": {
            "file": "libsofia-sip-ua/tport/tport.c"
        },
        "source": "https://github.com/davehorton/sofia-sip/commit/13b2a135287caa2d67ac6cd5155626821e25b377",
        "id": "CVE-2022-47516-6838b271",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "137665327021306405935673177103996540739",
                "222660642482478647502609743690131795640",
                "126945473246565109207045912794547003621",
                "75899966100980029990415126950327193709"
            ]
        },
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "target": {
            "function": "tport_tsend",
            "file": "libsofia-sip-ua/tport/tport.c"
        },
        "source": "https://github.com/davehorton/sofia-sip/commit/13b2a135287caa2d67ac6cd5155626821e25b377",
        "id": "CVE-2022-47516-b0dbb540",
        "signature_version": "v1",
        "digest": {
            "function_hash": "9098198435050197295798369122218213473",
            "length": 3356.0
        },
        "deprecated": false,
        "signature_type": "Function"
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-47516.json"